When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of alert is this?
The router's administrator is supposed to be able to access it for the purposes of administrating it. There is no attack here. Therefore, the alert is false. Since the alert detected the activity, it is a positive result. Therefore, D is correct; false positive.
C would indicate that access was a legitimate threat. That may be from a social engineering perspective, but IDSs do not take social engineering into account.